πΊπΈ
kosada.com
2026-06-29 15:11:28
(5 days ago)
Web bot: denial-of-service flood
DDoS Attack
Bad Web Bot
πΊπΈ
TPI-Abuse
2026-06-16 14:38:44
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 212.100.64.254 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 212.100.64.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 10:38:35.950827 2026] [security2:error] [pid 32476:tid 32476] [client 212.100.64.254:57400] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||crystaljohns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "crystaljohns.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajFf684Wri2sG65pjKtBSgAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
rh24
2026-06-08 12:15:16
(3 weeks ago)
(xmlrpc_405) XMLRPC-Bot 405 212.100.64.254 (NG/Nigeria/-)
Hacking
πΊπΈ
TPI-Abuse
2026-05-25 10:13:27
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 212.100.64.254 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 212.100.64.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 25 06:13:19.194581 2026] [security2:error] [pid 4139:tid 4139] [client 212.100.64.254:62227] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||mobileonlinecasinos.co|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "mobileonlinecasinos.co"] [uri "/wp-json/wp/v2/users"] [unique_id "ahQgvyJCO21R4aqMXtBGIwAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-05-20 16:18:14
(1 month ago)
Attac
Brute-Force
πΊπΈ
TPI-Abuse
2026-05-20 15:52:55
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 212.100.64.254 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 212.100.64.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 11:52:50.372193 2026] [security2:error] [pid 16650:tid 16650] [client 212.100.64.254:54821] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||aandbnaturalfoods.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "aandbnaturalfoods.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ag3Y0kDjBNciS1coI1eGSwAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
stinpriza
2026-05-20 12:22:55
(1 month ago)
Web App Attack
Web App Attack
πΊπΈ
TPI-Abuse
2026-05-20 10:14:20
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 212.100.64.254 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 212.100.64.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 06:14:15.018208 2026] [security2:error] [pid 19370:tid 19370] [client 212.100.64.254:51503] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||rogerheath.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "rogerheath.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ag2Jd8f7eXyGXAYYK5-6lwAAABs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π±π»
garmtech.com
2026-05-19 11:27:45
(1 month ago)
IM360 WAF: Rate limit exceeded for XMLRPC DoS (fault code)
Web App Attack
πΊπΈ
nationaleventpros.com
2026-05-06 10:21:10
(1 month ago)
WordPress login attempt
Brute-Force
π³π±
BlueWire Hosting
2026-05-05 14:53:06
(1 month ago)
Probing websites for vulnerabilities
Web App Attack
π¨π
4server
2026-04-29 09:52:52
(2 months ago)
[WedApr2911:52:45.7464392026][security2:error][pid877604:tid877842][client212.100.64.254:0]ModSecuri ...
show more
[WedApr2911:52:45.7464392026][security2:error][pid877604:tid877842][client212.100.64.254:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"367\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"4host.biz\"][uri\"/xmlrpc.php\"][unique_id\"afHU7VmgrCe24L_mxfqdWAAAANE\"]
show less
Hacking
Web App Attack
π©πͺ
kjaerulff
2026-04-29 07:39:24
(2 months ago)
Failed Wordpress login using xmlrpc.php
Web App Attack
πΊπΈ
Dolphi
2026-04-27 13:20:06
(2 months ago)
Excessive POST /xmlrpc.php requests
Brute-Force
Web App Attack
π©πͺ
Lino Project
2026-04-20 08:51:24
(2 months ago)
212.100.64.254 - - [20/Apr/2026:10:51:23 +0200] "POST /xmlrpc.php HTTP/1.1" 403 3713 "-" "Mozilla/5. ...
show more
212.100.64.254 - - [20/Apr/2026:10:51:23 +0200] "POST /xmlrpc.php HTTP/1.1" 403 3713 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Firefox/79.0.0.0 Safari/537.36"
...
show less
Brute-Force
Bad Web Bot
Web App Attack